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Claims 

What is claimed is: 

LA method of providing restricted access to a storage medium in communication with a 
5 computer comprising the step of: 

executing a file system layer on the computer, the file system layer suppprting a plurality 
of file system commands; 

executing a trap layer on the computer, the trap layer logically disposed above the file 
system layer; ' ' ' 

1 0. providing to the trap layer at least a disabled file system corhmand relating to the storage 
medium and supported by the file system for the storage rnedium; 
intercepting data provided to the file system layer including an intercepted file system 
command; ' " , ■ 

comparing the intercepted file system command to each of the at least a disabled file 

15 system command to produce at least a comparison result; and, 

when each of the at least a comparison result is indicative of other than 
providing the intercepted file system command to the file system layer. 

2. A method as defined in claim I comprising the steps of: 

20 - providing to the trap layer at least a modifiable file system command 'relating to the 
storage medium and requiring modification to be supported by the file system for the 
storage medium; 

comparing the intercepted file system request to each of the at least a modifiable file 
system comriiand to produce at least a second comparison result; and, 
25 when the at least a second comparison result is indicative of a match, modifying the file 
system request and providing the modified file system command to the file system layer. 

3. A method as defined in claim 2 comprising the steps of: 

executing an application layer, the application layer in execution logically above the trap 
30 layer such that the trap layer is logically disposed between the appHcation layer ar>d the 
file system layer; and 
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when a comparison result from the at least a comparison result is indicative of a match, 
providing an error indication to the application layer. 

4, A method as defined in claim 3 wherejn the error indication is provided from the trap 
5 layer. 

5, A method as defined in claim 4 wherein the at least a disabled file system commarid 
comprises at least a conimand resulting in a write operation to the storage medium. 

10 6. A method as defined in claim 5 wherein the at least a command comprises at least one 
of a delete file command, a rename file cornmand, a modify permissions command, an 
overwrite file command and a overwrite zero length file command, 

7. A method as defined in claim 6 wherein the. at least a command comprises a delete file 
15 command.' 

8. A method as defined in claim 6 wherein the at least a command comprises a rename 
filecommand. : - 

20 9. A method as defined in claim 6 wherein the at least a command comprises a modify 
permissions command, 

10. A method as defined in claim 6 wherein the at least a command comprises an 
bvervsn-ite fUe conimand. 

■25.^ ■ ' " ; ■ ■ 

1 1 . A method as defined in claim 6 wherein the at least a command comprises a 
overwrite zero length file command. 

12. A rriethod as defined in claim 6 wherein the at least a disabled file system command 
20 comprises a set of commands including all commands resulting in a write operation to the 

storage medium. 

18 
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13. A method as defined in claim 2 wherein the at least a disabled file system command 
is determined from data stored on the storage medium.; 

5 14, A method as defined in claim 13 wherein the at least a disabled file system command 
relates to all files stored on the storage rnediuni. 

15. A rnethod as defined in clairn 1 wherein the at least a disabled file system command 

. comprises a set of commands including all commands resulting iri a write operation to the 
10 storage rnedium, . ' 

16. A method of restricting access to a storage medium in communication with a . 
computer, the method cpmprising the step of 

executing a file system layer on the computer, the file syslern layer supporting a pliirality 

15 of file system commands;. 
,•■ , providing to the file system layer at least a disabled file system command for the storage 
medium, the disabled file system command supported by the file system for the storage 
medium, the at least a disabled file system command being other than all write 
commands, other than all read commands, and other than all write cpmniands and all read 

20 commands; 

comparing file system requests provided to the file systeni layer to each of the at least a 
disabled file system command to produce at least a comparison result; arid, 
when each of the at least a comparison result is indicative of other than a match, 
executing the file system command. 

17. A method as defined in claim 16 comprising the steps of: 

providing to the file system layer at least a modifiable file system command relating to 
the storage medium and requiring modification to be supported by the file system for the 
^ storage medium; 
30 comparing the intercepted file system request to each of the at least a modifiable file 
system command to produce at least a second comparison result; and. 
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when the at least a second comparison result is indicative of a match, modifying the file 
system request and providing the modified file system request to the file system layer. 

18. A method as defined in claim 17 comprising the steps of: 
5 executing an application layer, the application layer in execution logically above the file 
system layer; and . . . . 

when a comparison result from the at least a comparison result is indicative of a match, 
providing an error indication to the application layer. 

10 19. A method as defined in claim 18 wherein the at least a command comprises at least 
one of a delete file command, a rename file command, a modify permissions command, 
an overwrite file command and a overwrite zero length file command. 

20- A method as defined in claim 19 wherein the at lea3t a command comprises a delete 
15. filecommand. 

21 , A method as defined in claim 19 wherein.the at least a command comprises a rename 
filecommand, , - ' .. 

20 • 22. A method as defined in claim 19 wherein the at least a command comprises a modify 
permissions command. 

23. A method as defined in claim 19 wherein the at least a command comprises an 
overwrite file command. / 

25 

24. A method as defined in claim 1 9 wherein the at least a command compriseis a 
overwrite zero length file command. 

25. A method as defined in claim 16 vvherein the at least a disabled file system command 

■ ■ ■ . . ■ ■ ■ - ' 

30 is determined ifrom data stored on the storage medium. 

■ -20 ■..■„■ 
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26. A method as defined in claim 25 wherein the at least a disabled file system comrnand 
re|ale$ to all files stored on the storage medium. ' . 

27. A method of restricting access by a computer to a logical storage medium other than a 
5 write once medium in communication with the computer, the method comprising the 

steps of: 

providing an indication of a data write access privilege for the entire logical storage 
medium, the data write access privilege indicative of a restriction to alteration of a same 
portion. of each file stored on the logical storage medium; and 
10 restricting file access to the logical storage medium in accordance with the indication 
while allowing access to free space portions of the same logical storage niedium. 

28. A method as defined in claim 27 comprising the steps of: 

writing further file data to the free space portions of the same logical storage medium; 
15 and, 

. restricting file access to the further file data in 
allowing access to remaining free space portions of the same logical storage medium. 

29. A method as defined in claim 27 wherein the indication of a data write access 
20 privilege is one of the following: write access without delete, write access without 

rename; write access without overwrite, and write access without changing file access 
privileges. ! 

30. A method as defined iii claim 27 wherein storage rnedium is a removable storage 
25 medium. 

3 L A method of restricting access by a computer to a storage medium other than a write 
once medium in communication with the computer, the method comprising the steps of: 
providing an indication of a data write access privilege for the entire logical storage 
30 . medium indicating a disabled operation relating to alteration of a portion of each file 
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Stored within the logical storage medium, the indication other than a read only indication; 
and, 

restricting file access to each file within the logical storage medium in accordance with 
the same indication while allowing access to free space portions of the sarne logical 
5 storage medium. 

32. A method as defined in claim 3 1 wherein the indication comprises at least one of the 
following: write .access withoiit delete, write access without rename; write access without 
overwrite, and write access without changing file access privil^^ . . 

10- ■;■ ' -yr ':■ ^ ■ • " ■ . • ^ . ; , • . . ' 

33. A method as defined in claim'32 wherein logical storage medium is a single physical 
storage medium and wherein a single physical storage medium consists of a single logical 
:storage medium. : \ 

15 34. A method as defined in claim 32 whereih storage medium is a removable storage 
medium. ... 

35. A method of restricting access by a computer to a storage medium other than a wrhe 
once medium in communication with the computer, the method comprising the steps of: 
20 providing an indication of a data write access privilege for the entire logical storage 
rnedium indicating a disabled operation relating to alteration of data within the logical 
storage medium, the indication other than a read only indication, the disabled operations 
supported by the storage medium; and 

restricting write access to data within the logical storage mediuiri in accordance with the 
25 same indication while allo^ying access to free space portions of the sarne logical storage 
mediiim. 
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